Re: [Openvpn-devel] New pre-1.3.3 beta
Matthias, Patch looks good, though why the dummy() functions? They generate warnings on gcc 2.96 if you build with --disable-lzo, --disable-crypto, etc. Some compiler that doesn't like empty source files? James Matthias Andreesaid: > On Sat, 15 Mar 2003, James Yonan wrote: > > > Yes, I think we should try to fix if it's only a trivial cast involved to > > silence the warning. > > > > I don't see them on gcc 2.96, even with "-Wall -W -Wpointer-arith > > -Wsign-compare -Winline". > > Indeed, it takes the sun compiler or the even more picky splint utility > (www.splint.org) to see them. > > The patch below doesn't fix > "crypto.c", line 228: warning: end-of-loop code not reached > > also on ll. 237 259 269 273 277 281 286 299 312 327. > > Fixing that would require a rewrite of crypto.c, the issue is the > > do { goto ...; } while(false); > > I'm not fixing this and I don't recommend changing that at this time > (after 1.3.3 maybe, if you're to fix that at all). > > Here's the patch: > > # buffer.c | 14 +++--- > # crypto.c | 12 ++-- > # error.c |2 +- > # lzo.c|2 ++ > # misc.c |2 +- > # packet_id.c |4 ++-- > # reliable.c |2 ++ > # session_id.c |2 ++ > # socket.c |4 ++-- > # ssl.c|6 -- > # thread.c |2 ++ > # tun.c|4 ++-- > # 12 files changed, 33 insertions(+), 23 deletions(-) > > Index: buffer.c > === > RCS file: /cvsroot/openvpn/openvpn/buffer.c,v > retrieving revision 1.11 > diff -u -r1.11 buffer.c > --- buffer.c 15 Mar 2003 07:18:00 - 1.11 > +++ buffer.c 15 Mar 2003 22:42:02 - > @@ -115,14 +115,14 @@ > { >va_list arglist; > > - char *ptr = BEND (buf); > + uint8_t *ptr = BEND (buf); >int cap = buf_forward_capacity (buf); > >va_start (arglist, format); > - vsnprintf (ptr, cap, format, arglist); > + vsnprintf ((char *)ptr, cap, format, arglist); >va_end (arglist); > > - buf->len += strlen (ptr); > + buf->len += strlen ((char *)ptr); > } > > /* > @@ -137,7 +137,7 @@ >int len = strlen (str) + 1; >if (len < buf_forward_capacity_total (buf)) > { > - strncpynt (buf->data + buf->capacity - len, str, len); > + strncpynt ((char *)(buf->data + buf->capacity - len), str, len); > } > } > } > @@ -148,7 +148,7 @@ > void > convert_to_one_line (struct buffer *buf) > { > - char *cp = BPTR(buf); > + uint8_t *cp = BPTR(buf); >int len = BLEN(buf); >while (len--) > { > @@ -185,7 +185,7 @@ >struct gc_entry *e; >struct gc_thread* thread = _gc_thread[thread_number()]; > > - while (e = thread->gc_stack) > + while ((e = thread->gc_stack)) > { >if (e->level < level) > break; > @@ -235,5 +235,5 @@ >buf_printf (, "%02x", data[i]); > } >buf_catrunc (, "[more...]"); > - return out.data; > + return (char *)out.data; > } > Index: crypto.c > === > RCS file: /cvsroot/openvpn/openvpn/crypto.c,v > retrieving revision 1.14 > diff -u -r1.14 crypto.c > --- crypto.c 21 Feb 2003 16:14:05 - 1.14 > +++ crypto.c 15 Mar 2003 22:42:03 - > @@ -184,7 +184,7 @@ > HMAC_Update (ctx->hmac, BPTR (), BLEN ()); > output = buf_prepend (, HMAC_size (ctx->hmac)); > ASSERT (output); > - HMAC_Final (ctx->hmac, output, _len); > + HMAC_Final (ctx->hmac, output, (unsigned int *)_len); > ASSERT (hmac_len == HMAC_size (ctx->hmac)); > } > > @@ -229,7 +229,7 @@ > > HMAC_Update (ctx->hmac, BPTR (buf) + hmac_len, > BLEN (buf) - hmac_len); > - HMAC_Final (ctx->hmac, local_hmac, _hmac_len); > + HMAC_Final (ctx->hmac, local_hmac, (unsigned int *)_hmac_len); > ASSERT (hmac_len == in_hmac_len); > > /* Compare locally computed HMAC with packet HMAC */ > @@ -883,9 +883,9 @@ >if (fd == -1) > msg (M_ERR, "Cannot open shared secret file %s", filename); > > - while (size = read (fd, in.data, in.capacity)) > + while ((size = read (fd, in.data, in.capacity))) > { > - const char *cp = in.data; > + const char *cp = (char *)in.data; >while (size) > { > const char c = *cp; > @@ -923,7 +923,7 @@ > if (hb_index == 2) > { > unsigned int u; > - ASSERT(sscanf(hex_byte, "%x", ) == 1); > + ASSERT(sscanf((const char *)hex_byte, "%x", ) == 1); > *out++ = u; > hb_index = 0; > if (++count == keylen) > @@ -982,7 +982,7 @@ >buf_printf (, "%s\n", static_key_foot); > >/* write data to file */ > - len = strlen (BPTR()); > + len = strlen ((char *)BPTR()); >size = write (fd, BPTR(), len); >if (size
Re: [Openvpn-devel] New pre-1.3.3 beta
On Sat, 15 Mar 2003, James Yonan wrote: > Yes, I think we should try to fix if it's only a trivial cast involved to > silence the warning. > > I don't see them on gcc 2.96, even with "-Wall -W -Wpointer-arith > -Wsign-compare -Winline". Indeed, it takes the sun compiler or the even more picky splint utility (www.splint.org) to see them. The patch below doesn't fix "crypto.c", line 228: warning: end-of-loop code not reached also on ll. 237 259 269 273 277 281 286 299 312 327. Fixing that would require a rewrite of crypto.c, the issue is the do { goto ...; } while(false); I'm not fixing this and I don't recommend changing that at this time (after 1.3.3 maybe, if you're to fix that at all). Here's the patch: # buffer.c | 14 +++--- # crypto.c | 12 ++-- # error.c |2 +- # lzo.c|2 ++ # misc.c |2 +- # packet_id.c |4 ++-- # reliable.c |2 ++ # session_id.c |2 ++ # socket.c |4 ++-- # ssl.c|6 -- # thread.c |2 ++ # tun.c|4 ++-- # 12 files changed, 33 insertions(+), 23 deletions(-) Index: buffer.c === RCS file: /cvsroot/openvpn/openvpn/buffer.c,v retrieving revision 1.11 diff -u -r1.11 buffer.c --- buffer.c15 Mar 2003 07:18:00 - 1.11 +++ buffer.c15 Mar 2003 22:42:02 - @@ -115,14 +115,14 @@ { va_list arglist; - char *ptr = BEND (buf); + uint8_t *ptr = BEND (buf); int cap = buf_forward_capacity (buf); va_start (arglist, format); - vsnprintf (ptr, cap, format, arglist); + vsnprintf ((char *)ptr, cap, format, arglist); va_end (arglist); - buf->len += strlen (ptr); + buf->len += strlen ((char *)ptr); } /* @@ -137,7 +137,7 @@ int len = strlen (str) + 1; if (len < buf_forward_capacity_total (buf)) { - strncpynt (buf->data + buf->capacity - len, str, len); + strncpynt ((char *)(buf->data + buf->capacity - len), str, len); } } } @@ -148,7 +148,7 @@ void convert_to_one_line (struct buffer *buf) { - char *cp = BPTR(buf); + uint8_t *cp = BPTR(buf); int len = BLEN(buf); while (len--) { @@ -185,7 +185,7 @@ struct gc_entry *e; struct gc_thread* thread = _gc_thread[thread_number()]; - while (e = thread->gc_stack) + while ((e = thread->gc_stack)) { if (e->level < level) break; @@ -235,5 +235,5 @@ buf_printf (, "%02x", data[i]); } buf_catrunc (, "[more...]"); - return out.data; + return (char *)out.data; } Index: crypto.c === RCS file: /cvsroot/openvpn/openvpn/crypto.c,v retrieving revision 1.14 diff -u -r1.14 crypto.c --- crypto.c21 Feb 2003 16:14:05 - 1.14 +++ crypto.c15 Mar 2003 22:42:03 - @@ -184,7 +184,7 @@ HMAC_Update (ctx->hmac, BPTR (), BLEN ()); output = buf_prepend (, HMAC_size (ctx->hmac)); ASSERT (output); - HMAC_Final (ctx->hmac, output, _len); + HMAC_Final (ctx->hmac, output, (unsigned int *)_len); ASSERT (hmac_len == HMAC_size (ctx->hmac)); } @@ -229,7 +229,7 @@ HMAC_Update (ctx->hmac, BPTR (buf) + hmac_len, BLEN (buf) - hmac_len); - HMAC_Final (ctx->hmac, local_hmac, _hmac_len); + HMAC_Final (ctx->hmac, local_hmac, (unsigned int *)_hmac_len); ASSERT (hmac_len == in_hmac_len); /* Compare locally computed HMAC with packet HMAC */ @@ -883,9 +883,9 @@ if (fd == -1) msg (M_ERR, "Cannot open shared secret file %s", filename); - while (size = read (fd, in.data, in.capacity)) + while ((size = read (fd, in.data, in.capacity))) { - const char *cp = in.data; + const char *cp = (char *)in.data; while (size) { const char c = *cp; @@ -923,7 +923,7 @@ if (hb_index == 2) { unsigned int u; - ASSERT(sscanf(hex_byte, "%x", ) == 1); + ASSERT(sscanf((const char *)hex_byte, "%x", ) == 1); *out++ = u; hb_index = 0; if (++count == keylen) @@ -982,7 +982,7 @@ buf_printf (, "%s\n", static_key_foot); /* write data to file */ - len = strlen (BPTR()); + len = strlen ((char *)BPTR()); size = write (fd, BPTR(), len); if (size != len) msg (M_ERR, "Write error on shared secret file %s", filename); Index: error.c === RCS file: /cvsroot/openvpn/openvpn/error.c,v retrieving revision 1.15 diff -u -r1.15 error.c --- error.c 15 Mar 2003 07:18:00 - 1.15 +++ error.c 15 Mar 2003 22:42:03 - @@ -177,7 +177,7 @@ { int nerrs = 0; int err; - while (err = ERR_get_error ()) + while ((err = ERR_get_error ())) { snprintf (m2,
Re: [Openvpn-devel] New pre-1.3.3 beta
On Sat, 15 Mar 2003, James Yonan wrote: > If you have a chance, please test this beta. I mostly use linux 2.4 for > development, so I don't have much of a chance to test on linux 2.2 and > non-linux OSes. There are some warnings with Sun's compiler about uint8_t vs. char clashes. Do you intend to silence the warnings or are you interested to see them? I think they're harmless but annoying. Other than that, it compiles on FreeBSD 4.8-RC x86 and Solaris 8 sparc (32-bit mode), on the latter with Sun's compiler and gcc 2.95. -- Matthias Andree
[Openvpn-devel] New pre-1.3.3 beta
If you have a chance, please test this beta. I mostly use linux 2.4 for development, so I don't have much of a chance to test on linux 2.2 and non-linux OSes. Since the last beta announcement on this list, there's been a bunch of changes including build system portability fixes, --dev-name, and --mtu-disc. The latter gives access to a linux system call that allows some manual control over how and whether Path MTU Discovery is implemented on the UDP socket. You can download via CVS or from a tarball: http://openvpn.sourceforge.net/beta/openvpn-1.3.2.17.tar.gz Change Log: * Added --replay-persist feature to allow replay protection across sessions. * Fixed bug where --ifconfig could not be used with --tun-mtu. * Added --tun-mtu-extra parameter to deal with the situation where a read on a TUN/TAP device returns more data than the device's MTU size. * Fixed bug where some IPv6 support code for Linux was not being properly ifdefed out for Linux 2.2, causing compile errors. * Added OPENVPN_EXIT_STATUS_x codes to openvpn.h to control which status value openvpn returns to its caller (such as a shell or inetd/xinetd) for various conditions. * Added OPENVPN_DEBUG_COMMAND_LINE flag to openvpn.h to allow debugging in situations where stdout, stderr, and syslog cannot be used for message output, such as when OpenVPN is instantiated by inetd/xinetd. * Removed owner-execute permission from file created by static key generator (Herbert Xu and Alberto Gonzalez Iniesta). * Added --passtos option to allow IPv4 TOS bits to be passed from TUN/TAP input packets to the outgoing UDP socket (Craig Knox). * Added code to prevent open socket file descriptors from being accessible to called scripts. * Added --dev-name option (Christian Lademann). * Added --mtu-disc option for manual control over MTU options. * Show OS MTU value on UDP socket write failures (linux only). * Numerous build system and portability fixes (Matthias Andree). * Added better sensing of compiler support for variable argument macros, including (a) gcc style, (b) ISO C 1999 style, and (c) no support. * Removed generated files from CVS. Note INSTALL file for new CVS build commands. * Changed all internal _* symbols to x_* for C standards compliance. James